Security Alert

OIT Tax Tips

This year’s tax deadline has been extended, which means phishers and scammers have even more time than normal to trick individuals with tax scams. OIT has tips for UA students, faculty and staff to keep sensitive tax information safe this spring.

Beware of phone and email scams.

Do not be fooled by phone calls or emails that threaten to be the IRS demanding immediate payment. If you owe money to the IRS, you will receive a bill by mail, not a phone call or email.

Additionally, malicious actors may pose as the IRS and send messages with content such as “Where’s My Refund” or “Tax Refund Payment” attempting to lure in victims. These messages often include web links where they will ask the message recipient to submit sensitive information including a Social Security number, date of birth and prior year annual gross income. Be mindful of the red flags of phishing to easily spot phishing emails.

Store documents in a safe place.

You wouldn’t leave a paper copy of your W2 sitting on a public bench. The same rules apply to online storage! Tax documents should be stored on a secure hard drive or personal, encrypted cloud storage account.

Send documents in a secure manner.

Do not email sensitive documents as an attachment. To share files, OIT recommends storing them in a secure cloud storage account, and sharing access to that account with only individuals you trust. OIT also recommends that faculty and staff use a personal email account for tax purposes. The email account should be secured with a strong password and two-factor authentication. Gmail offers Google Two-Step as an easy way to better secure email accounts.

Select a secure accountant.

If you choose to use an accounting service or company to file your taxes for you, ensure they have a record of good cybersecurity practices. By employing a tax accountant, you are trusting them with your most sensitive data. It isn’t out of reason to ask what measures they take to ensure your data is safe.

Tax-related identity theft is the most common type of identity theft. To learn more tips about how to protect your tax information, visit the IRS website, Identity Theft Central.

Student Phishing Alert – March 3, 2021

Wednesday, March 3, many UA students received a phishing email that featured the subject title “P/A WORK APPLICATION”.

This email is a scam, not an actual work application. A screenshot of the phishing message is below.  If you received this message, please delete it. Take a moment to review the red flags of phishing to learn how to spot common phishing emails like these.

If you have any questions or concerns, contact OIT Security at 205-348-5555 or itsd@ua.edu.

student phishing email

LifeLock with Norton – Personal Machines Only

As a part of the benefits package offered to faculty and staff, The University of Alabama offers identity theft protection from LifeLock with Norton.

This service provides enrollees with identity protection and credit monitoring as well as Norton 360 antivirus software. Enrollees are permitted to use the Norton 360 antivirus software on personal machines only. University machines are protected with McAfee antivirus software which will not work effectively alongside Norton antivirus software.

If you have installed Norton 360 on a University machine please work with IT support in your area to remove the software. Additionally, Norton 360 customers may contact member services at 800-607-9174 for assistance removing the software. Dedicated Norton agents are available 8am-6pm CST for assistance.

Student Phishing Alert – Dec. 1

Tuesday, Dec. 1, more than 600 UA students received a phishing email that featured the subject title “FIXED TERM (PART-TIME JOB)”.

This email is a scam, attempting to trick students into providing information for a fake job opportunity. A screenshot of the phishing message is below. If you received this message, please delete it. Take a moment to review the red flags of phishing to learn how to spot common phishing emails like these.

If you have any questions or concerns, contact OIT Security at 205-348-5555 or itsd@ua.edu.

student phishing